Customers using processing systems embedded within integrated circuits often desire to protect the application software code that is loaded and executed by these processing systems. As such, certain embedded processor systems use software or hardware decryption and a secret key to decrypt software images that are encrypted and stored in external memory systems. For these security applications, a cryptographic algorithm according to the Advanced Encryption Standard (AES) can be used to encrypt the software image, and AES decryption can then be used within the integrated circuit to decrypt the encrypted software image. AES encryption/decryption is well known and is commonly applied to provide secured protection of software code and/or other data blocks in various environments. The AES algorithm operates on 128-bit (16 byte) data blocks with either 128-bit, 192-bit, or 256-bit secret keys. Further, the AES algorithm uses a variable number of calculation rounds for the cryptographic calculation depending upon the size of the secret key being used. For example, where a 128-bit secret key is used for AES encryption, the data is processed through a series of calculations requiring ten (10) rounds to complete. Each round performs four different data transformations: (1) byte substitution using a substitution table, (2) shifting rows of a state array by different offsets, (3) mixing the data within each column of the state array, and (4) adding a round key to the state. The AES decryption function reverses these calculations using the same 128-bit secret key.
For secure applications with certain external memories, such as Quad-SPI (quad-serial-peripheral-interface) non-volatile flash memories, execute-in-place operational modes can cause difficulties with existing integrated circuit processing systems. For example, a decryption engine for such an execute-in-place operational mode may require that encrypted code be decrypted in real-time thereby allowing direct execution from the external memory system. However, a significant challenge for such real-time execution is protection of the secret keys, such as AES keys, that are being used to generate the encrypted code and to decrypt the encrypted code within the integrated circuit. One solution is to store the secret keys in external memories; however, such a solution has serious security implications as the secret keys can be accessed using rather straightforward techniques, such as through decapsulation and micro-probe of the external memory and/or through bus snooping during the external access to the secret keys in the external memories. As such, this prior solution is not effective in providing a high level of security for the encrypted software code.